fixing some problems in URI unescaping and output buffer opening, this
* uri.c xmlIO.c: fixing some problems in URI unescaping
and output buffer opening, this should fix #141864
Daniel
diff --git a/ChangeLog b/ChangeLog
index 9c22959..939b4cc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Sat May 8 22:56:22 CEST 2004 Daniel Veillard <daniel@veillard.com>
+
+ * uri.c xmlIO.c: fixing some problems in URI unescaping
+ and output buffer opening, this should fix #141864
+
Fri May 7 22:31:54 CEST 2004 Daniel Veillard <daniel@veillard.com>
* valid.c include/libxml/valid.h: fixes the use of 'list' as a parameter
diff --git a/uri.c b/uri.c
index b89603c..1b2c08a 100644
--- a/uri.c
+++ b/uri.c
@@ -785,6 +785,14 @@
return(0);
}
+static int is_hex(char c) {
+ if (((c >= '0') && (c <= '9')) ||
+ ((c >= 'a') && (c <= 'f')) ||
+ ((c >= 'A') && (c <= 'F')))
+ return(1);
+ return(0);
+}
+
/**
* xmlURIUnescapeString:
* @str: the string to unescape
@@ -818,7 +826,7 @@
in = str;
out = ret;
while(len > 0) {
- if (*in == '%') {
+ if ((*in == '%') && (is_hex(in[1])) && (is_hex(in[2]))) {
in++;
if ((*in >= '0') && (*in <= '9'))
*out = (*in - '0');
diff --git a/xmlIO.c b/xmlIO.c
index 970fa6e..cb67fb8 100644
--- a/xmlIO.c
+++ b/xmlIO.c
@@ -2217,33 +2217,38 @@
xmlCharEncodingHandlerPtr encoder,
int compression ATTRIBUTE_UNUSED) {
xmlOutputBufferPtr ret;
+ xmlURIPtr puri;
int i = 0;
void *context = NULL;
- char *unescaped;
-
- int is_http_uri = 0; /* Can't change if HTTP disabled */
+ char *unescaped = NULL;
+ int is_file_uri = 1;
if (xmlOutputCallbackInitialized == 0)
xmlRegisterDefaultOutputCallbacks();
if (URI == NULL) return(NULL);
-#ifdef LIBXML_HTTP_ENABLED
- /* Need to prevent HTTP URI's from falling into zlib short circuit */
-
- is_http_uri = xmlIOHTTPMatch( URI );
-#endif
-
+ puri = xmlParseURI(URI);
+ if (puri != NULL) {
+ if ((puri->scheme == NULL) ||
+ (xmlStrEqual(BAD_CAST puri->scheme, BAD_CAST "file")))
+ is_file_uri = 0;
+ /*
+ * try to limit the damages of the URI unescaping code.
+ */
+ if (puri->scheme != NULL)
+ unescaped = xmlURIUnescapeString(URI, 0, NULL);
+ xmlFreeURI(puri);
+ }
/*
* Try to find one of the output accept method accepting that scheme
* Go in reverse to give precedence to user defined handlers.
* try with an unescaped version of the URI
*/
- unescaped = xmlURIUnescapeString(URI, 0, NULL);
if (unescaped != NULL) {
#ifdef HAVE_ZLIB_H
- if ((compression > 0) && (compression <= 9) && (is_http_uri == 0)) {
+ if ((compression > 0) && (compression <= 9) && (is_file_uri == 1)) {
context = xmlGzfileOpenW(unescaped, compression);
if (context != NULL) {
ret = xmlAllocOutputBuffer(encoder);
@@ -2280,7 +2285,7 @@
*/
if (context == NULL) {
#ifdef HAVE_ZLIB_H
- if ((compression > 0) && (compression <= 9) && (is_http_uri == 0)) {
+ if ((compression > 0) && (compression <= 9) && (is_file_uri == 1)) {
context = xmlGzfileOpenW(URI, compression);
if (context != NULL) {
ret = xmlAllocOutputBuffer(encoder);